Vulnerability Development mailing list archives
Re: Blind Remote Buffer Overflow (fwd)
From: xm () GEEKMAFIA DYNIP COM (Ex Machina)
Date: Mon, 1 May 2000 22:17:03 -0400
Another good way to discern os and platform remotely would be to look up the ethernet card's OUI in the IEEE database. Chances are you'll be able to tell the hardware platform. Ex Machina (xm () geekmafia dynip com) http://geekmafia.dynip.com/~xm/ phone: 1-877-LPT-WHIP icq: 3387005 aim: ExMachina GnuPG Keyprint: 0627 C3A8 DE25 F7FB 46BD 4870 2006 CF7F EBDA 949D On Mon, 1 May 2000, Arturo Busleiman wrote:
Date: Mon, 1 May 2000 15:29:16 -0300 From: Arturo Busleiman <buanzox () USA NET> To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Blind Remote Buffer Overflow (fwd) Dear Matthew <mpotter () atpco com>, the email I'm forwading was sent to me only, and it wasn't CC'ed to vuln-dev. So here it is. ---------- Forwarded message ---------- Date: Mon, 01 May 2000 00:59:15 -0400 From: "Matthew R. Potter" <mpotter () atpco com> To: Arturo Busleiman <buanzox () usa net> Subject: Re: Blind Remote Buffer Overflow At 12:31 AM 5/1/00 -0300, you wrote:On Sun, 30 Apr 2000, Matthew R. Potter wrote:I'm not talking with a shell ;) I'm talking about telling the diffrence between say, netbsd on sparx,x86, and alpha platforms. when you dont have shell. and to make it harder.. lets say telnet dosent display that nice littel banner: *BSD(sparc) I guess I should have made my question clearer. I'm aware of how fingerprinting tcp/ip/ works, etc..well, now I perfectly understand your question. I can't tell you, but I imagine that the tcp/ip fingerprint for, let's say, freebsd for sparc DOES SURELY have differences between it's x86 counterpart... I imagine :)Maybe in preformance? For some OS'es it's just not worth it. I mean Solaris 2.X only Runs on 2 platforms, sparc and x86, excluding the 2.5.1 release which also runs on PPC. It's just easy to assume people are running the common ones. SPARC, x86, Alpha, those are the most common hardware platforms on the net, I would think.
Current thread:
- Re: Blind Remote Buffer Overflow (fwd) Arturo Busleiman (May 01)
- Re: Blind Remote Buffer Overflow (fwd) Ex Machina (May 01)
- <Possible follow-ups>
- Re: Blind Remote Buffer Overflow (fwd) Robert G. Ferrell (May 02)